Cyber threats are no longer an abstract concern for the mining sector; they are an active and evolving danger.

Over the past year, a surge in cyberattacks has exposed critical weaknesses in even the most fortified digital infrastructures across nearly every industry. Given the mining sector's fundamental role in the global economy and energy transition, its growing dependence on automation, cloud computing, and interconnected systems has turned this sector into a prime target, making the urgency to strengthen defenses against these escalating threats clearer than ever.

Analyst reports indicate that ransomware and data breaches are continuing to rise sharply. In 2024, ransomware gangs alone have extorted over $450 million globally, a mere fraction of the broader financial toll cybercrime imposes.

In 2015, damages from cybercrime were estimated at nearly $3 trillion, a figure that surged to $6 trillion by 2021. According to an analysis by Cybersecurity Ventures, global cybercrime costs are expected to grow by 15% annually, reaching $10.5 trillion by next year-representing the greatest transfer of economic wealth in history, surpassing the damage caused by natural disasters and the global trade of illegal drugs combined.

Factoring in both direct and indirect damages to businesses – for example, those that refuse to pay and instead suffer operational disruptions, data loss, and even reputational damage – the projection of global cybercrime costs reaching into the tens of trillions seems increasingly realistic.

From January to August, Kon Briefing reported over 740 cyberattacks across 48 countries, impacting a broad array of sectors. The public sector accounted for a significant share, with over 190 incidents, while the healthcare and education industries saw more than 100 breaches each. Other targeted industries included finance, manufacturing, media, logistics, and mining.

The mining industry, which saw at least eight publicly reported attacks, is perhaps one of the more significant to be targeted. With geopolitical tensions rising over resources necessary for renewable energy, advanced technologies, military hardware, and consumer electronics, a blow to the supply of minerals and metals could have crippling consequences.

Companies like Evolution Mining Ltd., a Sydney-based major gold producer with multiple mines across Australia and Canada, have been hit by significant cyberattacks. These breaches not only threaten the company's operations but also risk destabilizing the global gold market, where Evolution holds considerable influence.

Similarly, Industrias Peñoles S.A.B. de C.V., one of the largest mining companies in Latin America, is a key supplier of silver and other essential metals. Cybercriminals exploited the company's vast digital infrastructure to disrupt operations, highlighting the vulnerabilities in the production and trade of vital materials.

The impact of such attacks extends beyond the company itself, potentially affecting global industries reliant on a steady supply of silver, lead, and zinc.

Another high-profile victim, Sibanye-Stillwater Ltd., is a leader in platinum group metals (PGMs) and gold production. The South Africa-based company plays a critical role in the automotive industry, where PGMs are used in catalytic converters and are increasingly being used in hydrogen fuel cells for the clean energy transition.

Although the company managed to limit the impact on its core mining and processing operations, the attack still caused significant disruptions, including a shutdown of automated systems at its U.S. smelter operations in Montana.

These companies, along with others such as Fresnillo plc out of Mexico, the world's largest silver producer, have faced ransomware infections, data theft, and operational disruptions.

As cyberattacks on the mining sector continue to escalate, the potential global ramifications are becoming increasingly apparent, raising urgent questions about the industry's preparedness to confront these evolving threats.

Ugly truth

Under the rising frequency of cyberattacks, many experts warn that the mining industry remains woefully unprepared to defend itself against the growing onslaught of digital threats.

In 2020, the EY Global Information Security Survey (GISS) found that 71% of mining respondents reported an increase in disruptive cyberattacks, and 55% of executives in mining and metals expressed deep concern over their ability to manage these growing threats.

Fast forward to today, and the situation appears even more dire. A recent report from cybersecurity specialists Purple Security revealed that 54% of mining and metals companies have experienced a cybersecurity incident, while 40% saw a sharp rise in external threats over the previous year.

Perhaps most concerning, however, is that 97% of these companies believe their current defenses remain inadequate-a clear indication that the industry's efforts to bolster its cybersecurity measures have failed to keep pace with the rapidly evolving threat landscape.

Michael Holcomb, Global Cybersecurity Lead at Fluor, emphasized the dangers tied to the intersection of information technology (IT) and operational technology (OT) systems in mining operations.

"If the IT network is compromised, such as with ransomware, and those IT systems go down, the OT systems fail, which not only results in downtime for the operation and loss of revenue but could lead to safety issues impacting on-site personnel and the surrounding environment," he told Mining Magazine.

Norsk Hydro

Norsk Hydro, a Norwegian aluminum and renewable energy company, suffered a massive ransomware attack that cost $70 million in recovery efforts after the company refused to pay the ransom.

The consequences of these vulnerabilities are starkly illustrated by incidents such as the devastating 2019 ransomware attack on Norsk Hydro, a Norwegian aluminum and renewable energy company, which led to a $70 million recovery effort after the company refused to pay the ransom.

Similarly, in March 2023, Rio Tinto faced what is considered the largest cyber-attack in history, a massive breach that exposed sensitive employee data on the dark web. This attack, which targeted third-party software, highlighted how even companies with significant cybersecurity resources are vulnerable when external partners are compromised.

These high-profile cases serve as a wake-up call for the mining industry, which cannot afford to underestimate the potential scale of these threats.

Adding to the urgency, Roland Plett, cybersecurity expert at Cisco, stressed the need for mining companies to have a clearer understanding of their vulnerabilities.

"The first principle is establishing clear visibility of the risk," Plett said in an interview with Mining Magazine, adding that mining companies need a comprehensive asset inventory and continuous risk assessment to defend against increasingly sophisticated attacks.

"It's just a matter of time until they come under attack."

By incorporating these methods, Plett believes that mining operations can better secure their digital infrastructure from the escalating threat of cyberattacks.

This growing awareness of vulnerabilities, coupled with the increasing sophistication of cyber threats, has placed immense pressure on mining companies to act. While many within the industry acknowledge the severity of the situation, the shift from recognition to implementation has been slow. However, some companies are beginning to make significant strides toward bolstering their defenses.

Progress is progress

Radware

Radware's Live Threat Map tracks live instances of various cyber-attacks globally.

While the mining industry may still be playing catch-up, some of the sector's biggest players are taking decisive action to address their cybersecurity vulnerabilities.

Global mining companies like BHP, Anglo American, Antofagasta Minerals, and Rio Tinto have emerged as leaders in cybersecurity, proactively implementing strategies aimed at mitigating the risks posed by cybercriminals.

According to a thematic report by Mining Technology, these companies are not only investing in traditional cybersecurity measures but also integrating cutting-edge technologies like AI, real-time monitoring, and incident response capabilities to secure their operations.

Another recent report by GlobalData emphasized the increasing importance of cyber-intelligence sharing among mining companies, further evidenced by BHP's partnership with Chilean mining firms Anglo American and Antofagasta to form the Mining Cybersecurity Corporation.

This collaboration aims to develop early warning systems and promote a culture of cybersecurity across mining operations worldwide.

Ramping up its cybersecurity efforts by doubling its permanent IT workforce, BHP is also focusing on security architecture and cyber incident response. Similarly, Anglo American has implemented a global security team spanning several continents, emphasizing training and development for future cybersecurity experts.

These proactive steps are not just about securing corporate networks but are also vital in safeguarding critical OT systems that are crucial to mining activities.

By taking a collaborative approach and utilizing the latest technologies, the mining sector stands a better chance of defending against increasingly sophisticated threats. However, with cyberattacks evolving in both scope and frequency, sustained investment and industry-wide cooperation will be essential to staying ahead of future threats.